Overview
Explore the world of targeted attacks and command and control (C&C) toolkits in this 33-minute Black Hat conference talk. Delve into the misconceptions surrounding advanced persistent threats and learn how to exploit notorious C&C toolkits. Examine the terminology of Remote Access Trojans (RATs) and analyze sophisticated attack techniques. Investigate specific cases like APT1 and Poison Ivy, Xtreme RAT, and Ghost RAT. Discover vulnerabilities such as remote file upload/download and DLL side loading. Learn to decode implant configs and understand post-exploitation techniques. Gain insights into the defender's perspective and challenge the notion that these attacks are irresistible or inevitable.
Syllabus
Intro
Disclaimer
The sophisticated attack
Hacking back
RAT terminology
Sophisticated attack hit list
APT1 & Poison Ivy
Xtreme RAT
Remote file upload
Remote file download
Ghost RAT
DLL side load vulnerability
Decode implant configs
Post exploitation
Taught by
Black Hat